CISSP · Question #358
Which of the following is the MOST important security goal when performing application interface testing?
The correct answer is D. Examine error conditions related to external interfaces to prevent application details leakage. The most important security goal when performing application interface testing is to examine error conditions related to external interfaces to prevent application details leakage. Application interface testing is a type of testing that focuses on the interactions between differe
Question
Which of the following is the MOST important security goal when performing application interface testing?
Options
- AConfirm that all platforms are supported and function properly
- BEvaluate whether systems or components pass data and control correctly to one another
- CVerify compatibility of software, hardware, and network connections
- DExamine error conditions related to external interfaces to prevent application details leakage
How the community answered
(29 responses)- A21% (6)
- B3% (1)
- C10% (3)
- D66% (19)
Explanation
The most important security goal when performing application interface testing is to examine error conditions related to external interfaces to prevent application details leakage. Application interface testing is a type of testing that focuses on the interactions between different systems or components through their interfaces, such as APIs, web services, or protocols. Error conditions related to external interfaces can occur when the input, output, or communication is invalid, incomplete, or unexpected. These error conditions can cause the application to reveal sensitive or confidential information, such as error messages, stack traces, configuration files, or database queries, which can be exploited by attackers to gain access or compromise the system. Therefore, it is important to examine these error conditions and ensure that the application handles them properly and securely. Confirming that all platforms are supported and function properly, evaluating whether systems or components pass data and control correctly to one another, and verifying compatibility of software, hardware, and network connections are not security goals, but functional or performance goals of application interface testing.
Topics
Community Discussion
No community discussion yet for this question.